[horde] DFN-CERT-2014-0154
Arjen de Korte
arjen+horde at de-korte.org
Fri Feb 7 17:18:32 UTC 2014
Citeren Robert Schetterer <rs at sys4.de>:
> Hi any more info about this?
>
>
> https://portal.cert.dfn.de/adv/DFN-CERT-2014-0154/
> http://www.debian.org/security/2014/dsa-2853
> http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=737149
>
> ...
> As detailed on the debian security tracker[0] and reported on oss-sec[1]
> and assigned CVE 2014-1691, there is a remote code execution bug in
> horde affecting all versions from at least horde 3.1.x to 5.1.1.
> ...
>
> looks like debian has a fix at
>
> https://gist.github.com/pietro/8712454/raw/b03bc5ecb7ec1f1f778b867ecd6d9d142d0ddaf7/gistfile1.diff
So what? This is old news, it was fixed upstream weeks before debian
released updated packages.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/pkcs7-signature
Size: 5849 bytes
Desc: S/MIME Signature
URL: <http://lists.horde.org/archives/horde/attachments/20140207/e4336de9/attachment.bin>
More information about the horde
mailing list